<?php
include './include/common.inc.php';
include './include/perm.class.php';
require '../include/form.class.php';

$perm_db = new perm();
$action = isset( $action ) ? $action : 'manage';
$forward = get_forward( 'perm.php' );

if( $current_user === false )
{
	if( isset( $edufepm ) && $edufepm == 'iframe' )
	{
		$response->alert( '请您登陆后再访问' );
		$response->redirect( $base_dir . 'admin/login.php' );
		$response->execute();
	}
	else
	{
		showmessage( '请您登陆后再访问', $base_dir . 'admin/login.php' );
	}
}

$params = array();
array_push( $params, "status = 99" );
if( isset( $p_name ) && strlen( $p_name ) > 0 )
{
    array_push( $params, "p_name like '%$p_name%'" );
}
if( isset( $pt_code ) && strlen( $pt_code ) > 0 )
{
    array_push( $params, "pt_code = '$pt_code'" );
}
$order = " ORDER BY listorder DESC, inputtime DESC";

switch( $action )
{
    case 'add':
        $have_perm = check_perms( 'P002' );
        if( isset( $_POST['p_name'] ) )
		{
            if( $have_perm === false )
			{
				$response->alert( '您没有权限进行此操作！' );
				$response->execute();
			}
			if( empty( $p_code ) || strlen( $p_code ) > 100 )
			{
				$response->text_alert( 'error','p_code','权限编码不能为空且长度不能大于100个字符' );
			}
            if( empty( $p_name ) || strlen( $p_name ) > 100 )
			{
				$response->text_alert( 'error','p_name','权限名称不能为空且长度不能大于100个字符' );
			}
            if( empty( $pt_code ) )
			{
				$response->text_alert( 'error','pt_code','权限元分类不能为空' );
			}
			$response->real_execute();
			$params = array(
				'p_name'	  =>  $p_name,
                'p_code'      =>  $p_code,
                'pt_code'     =>  $pt_code,
                'status'      =>  99,
                'username'    =>  $_SESSION['current_user']['username'],
                'inputtime'   =>  time(),
			);
            $res = $perm_db->add_perm( $params );
			if( !empty($res) )
			{
				$response->alert( '添加成功' );
				$response->redirect( urldecode( $forward ) );
			}
			else
			{
				$response->alert( '添加失败' );
				$response->script( 'self.location = self.location' );
			}
			$response->execute();
		}
		else
		{
            if( $have_perm === false )
			{
				showmessage('您没有权限进行此操作！');
			}
            $type_list = $perm_db->get_all_perm_type();
			include template( 'admin', 'perm_add' );
		}
        break;

    case 'upd':
        $have_perm = check_perms( 'P003' );
        if( isset( $_POST['p_name'] ) )
		{
            if( $have_perm === false )
			{
				$response->alert( '您没有权限进行此操作！' );
				$response->execute();
			}
            if( empty( $p_code ) || strlen( $p_code ) > 100 )
			{
				$response->text_alert( 'error','p_code','权限编码不能为空且长度不能大于100个字符' );
			}
			if( empty( $p_name ) || strlen( $p_name ) > 100 )
			{
				$response->text_alert( 'error','p_name','用户名称不能为空且长度不能大于100个字符' );
			}
            if( empty( $pt_code ) )
			{
				$response->text_alert( 'error','pt_code','权限元分类不能为空' );
			}
			$response->real_execute();
			$params = array(
				'p_name'	  =>  $p_name,
                'p_code'      =>  $p_code,
                'pt_code'     =>  $pt_code,
                'username'    =>  $_SESSION['current_user']['username'],
                'updatetime'  =>  time(),
			);
			$res = $perm_db->edit_perm( $params, $permid );
			if( !empty($res) )
			{
				$response->alert( '修改成功' );
				$response->redirect( urldecode( $forward ) );
			}
			else
			{
				$response->alert( '修改失败' );
				$response->script( 'self.location = self.location' );
			}
			$response->execute();
		}
		else
		{
            if( $have_perm === false )
			{
				showmessage('您没有权限进行此操作！');
			}
			$info = $perm_db->get_perm( $permid );
			if( !isset( $info['p_id'] ) )
			{
				showmessage( '要编辑的权限元不存在' );
			}
            $type_list = $perm_db->get_all_perm_type();
			include template( 'admin', 'perm_upd' );
		}
        break;

    case 'del':
        $have_perm = check_perms( 'P004' );
        if( $have_perm === false )
        {
            $response->alert( '您没有权限进行此操作！' );
            $response->execute();
        }
		$info = $perm_db->get_perm( $permid );
		if( !isset( $info['p_id'] ) )
		{
			$response->alert( '要删除的权限元不存在' );
			$response->execute();
		}
		$res = $perm_db->del_perm( $permid );
		if( $res == false )
		{
			$response->alert( '删除失败' );
		}
		else
		{
			$response->alert( '删除成功' );
			$response->script( 'self.location=self.location' );
		}
		$response->execute();
        break;

    case 'del_all':
        $have_perm = check_perms( 'P004' );
        if( $have_perm === false )
        {
            $response->alert( '您没有权限进行此操作！' );
            $response->execute();
        }
        if( isset( $_POST['pid'] ) )
		{
			foreach ( $pid as $id )
			{
				$perm_db->del_perm( $id );
			}
			$response->alert( '删除成功！' );
			$response->script( 'self.location=self.location' );
			$response->execute();
		}
		else
		{
			$response->alert( '请选择要删除的权限元' );
			$response->execute();
		}
        break;

    case 'listorder':
        $have_perm = check_perms( 'P005' );
        if( $have_perm === false )
        {
            $response->alert( '您没有权限进行此操作！' );
            $response->execute();
        }
        $result = $perm_db->listorder( $listorder );
		if( $result )
		{
            $response->alert( '修改成功' );
            $response->redirect( urldecode( $forward ) );
		}
		else
		{
			$response->alert( '修改失败' );
		}
        $response->execute();
        break;

    case 'search':
        $url = 'perm.php';
		$url .= isset( $p_name ) && !empty( $p_name ) ? '?p_name='.urlencode( $p_name ) : '';
        if( empty( $p_name ) )
        {
            $url .= isset( $pt_code ) && !empty( $pt_code ) ? '?pt_code='.urlencode( $pt_code ) : '';
        }
        else
        {
            $url .= isset( $pt_code ) && !empty( $pt_code ) ? '&pt_code='.urlencode( $pt_code ) : '';
        }
        
		$response->redirect( $url );
		$response->execute();
        break;

    case 'manage':
    default:
        $have_perm = check_perms( 'P001' );
        if( $have_perm === false )
        {
            showmessage('您没有此项操作权限！');
        }
        $page = isset( $page ) ? intval( $page ) : 1;
		$page = max( $page, 1 );
        $pagesize = 10;
		$perm_list = $perm_db->get_list( $params, $order, $page, $pagesize );
        $perm_pages = $perm_db->pages;
        $type_list = $perm_db->get_all_perm_type();
        $forward = make_forward();
		include template( 'admin', 'perm_manage' );
        break;
}

?>
